stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 16 Releases Wiki Activity
Files
18d87c64c5dafb8fa75276ad1ae3c092fbae2de3
git.stella-ops.org/docs/vex/explorer-integration.md
StellaOps Bot 18d87c64c5 feat: add PolicyPackSelectorComponent with tests and integration 
- Implemented PolicyPackSelectorComponent for selecting policy packs.
- Added unit tests for component behavior, including API success and error handling.
- Introduced monaco-workers type declarations for editor workers.
- Created acceptance tests for guardrails with stubs for AT1–AT10.
- Established SCA Failure Catalogue Fixtures for regression testing.
- Developed plugin determinism harness with stubs for PL1–PL10.
- Added scripts for evidence upload and verification processes.
2025-12-05 21:24:34 +02:00

24 lines
1.0 KiB
Markdown
Raw Blame History

# VEX Explorer Integration (Md.XI draft)
> Status: DRAFT — pending GRAP0101 alignment, CSAF mapping specifics, and CLI examples. Do not publish until hashes recorded.
## Scope
- Map Explorer VEX handling: CSAF ingestion, suppression precedence, status semantics, and integration points with findings.
- Provide deterministic examples; hash payloads/screens in `docs/assets/vuln-explorer/SHA256SUMS`.
## Dependencies
- GRAP0101 contract (field names, identifiers).
- CLI/console assets (due 2025-12-09).
- Policy/VEX mapping rules from Excititor Guild.
## Topics (outline)
- CSAF → internal VEX decision mapping; precedence vs policy overrides.
- Status semantics: NOT_AFFECTED / AFFECTED_* / FIXED; validity windows; VEX-first triage per Vuln Explorer architecture.
- Suppression precedence: VEX decisions take priority over reachability/policy unless explicit override (confirm post-GRAP0101).
- Export/propagation to advisories/CLI/console.
## Determinism
- Use fixed CSAF samples; hash examples.
_Last updated: 2025-12-05 (UTC)_
Reference in New Issue View Git Blame Copy Permalink